Nokia reports spike in IoT attacks but telcos are holding up

Not surprisingly, IoT attacks and devices being infected by malware are up as a result of the pandemic. Nokia has produced its annual report of telecoms networks that use its NetGuard Endpoint security solution.

This means that Nokia can report on vulnerabilities of around 150 million devices worldwide. The survey covers the period from October 2019 to June 2020 and shows how crooks sought to exploit the pandemic, with malware cases rising by 100% at one point.

Monthly infections on networks ran at 0.23% and then spiked to close to 30% as the pandemic triggered lockdowns and users were more likely to open and click on content masquerading as COVID-19 advice or useful information.

We were obviously aware that attacks had become more frequent during the pandemic and this report puts numbers on that assumption.

That said, the encouraging news is that successful attacks on mobile networks (fixed broadband networks were hit hardest in May and June) are less than they were in previous years.

While this proves that telcos are getting better at protecting their networks (using Nokia’s security product, obviously) IoT attacks are still a problem area. As we have said before, there is a continuing problem with IoT devices and that is that the companies who make kettles or fridges are good at making kettles or fridges and do not necessarily even think about the vulnerabilities of connecting a device to the internet.

Education is one solution and some form of ‘kitemark’ may be another. That, however, would be difficult to police. In the old days when phones were phones, you were not allowed to connect a phone to the network that had not been given approval or the ‘kitemark’. Now, of course, devices are available in almost any shop or online store.

IoT attacks will continue to be a problem, although it does seem that network operators are getting ahead of the bad guys. One warning note from Nokia is that with the advent of standalone 5G next year, IoT attacks are almost certain to spike again. Consumers, enterprises and network operators will need to put security at the top of the agenda to avoid the chaos that an attack can bring. Disruptive Asia